static int
master_input_auth_request(struct auth_master_connection *conn, const char *args,
const char *cmd, struct auth_request **request_r,
const char **error_r)
{
struct auth_request *auth_request;
const char *const *list, *name, *arg, *username;
unsigned int id;
/* <id> <userid> [<parameters>] */
list = t_strsplit_tab(args);
if (list[0] == NULL || list[1] == NULL ||
str_to_uint(list[0], &id) < 0) {
i_error("BUG: Master sent broken %s", cmd);
return -1;
}
auth_request = auth_request_new_dummy();
auth_request->id = id;
auth_request->master = conn;
auth_master_connection_ref(conn);
username = list[1];
for (list += 2; *list != NULL; list++) {
arg = strchr(*list, '=');
if (arg == NULL) {
name = *list;
arg = "";
} else {
name = t_strdup_until(*list, arg);
arg++;
}
(void)auth_request_import_info(auth_request, name, arg);
}
if (auth_request->service == NULL) {
i_error("BUG: Master sent %s request without service", cmd);
auth_request_unref(&auth_request);
auth_master_connection_unref(&conn);
return -1;
}
auth_request_init(auth_request);
if (!auth_request_set_username(auth_request, username, error_r)) {
*request_r = auth_request;
return 0;
}
*request_r = auth_request;
return 1;
}
bool auth_request_handler_master_request(struct auth_request_handler *handler,
struct auth_master_connection *master,
unsigned int id, unsigned int client_id,
const char *const *params)
{
struct auth_request *request;
struct net_unix_cred cred;
request = hash_table_lookup(handler->requests, POINTER_CAST(client_id));
if (request == NULL) {
i_error("Master request %u.%u not found",
handler->client_pid, client_id);
return auth_master_request_failed(handler, master, id);
}
auth_request_ref(request);
auth_request_handler_remove(handler, request);
for (; *params != NULL; params++) {
const char *name, *param = strchr(*params, '=');
if (param == NULL) {
name = *params;
param = "";
} else {
name = t_strdup_until(*params, param);
param++;
}
(void)auth_request_import_master(request, name, param);
}
/* verify session pid if specified and possible */
if (request->session_pid != (pid_t)-1 &&
net_getunixcred(master->fd, &cred) == 0 &&
cred.pid != (pid_t)-1 && request->session_pid != cred.pid) {
i_error("Session pid %ld provided by master for request %u.%u "
"did not match peer credentials (pid=%ld, uid=%ld)",
(long)request->session_pid,
handler->client_pid, client_id,
(long)cred.pid, (long)cred.uid);
return auth_master_request_failed(handler, master, id);
}
if (request->state != AUTH_REQUEST_STATE_FINISHED ||
!request->successful) {
i_error("Master requested unfinished authentication request "
"%u.%u", handler->client_pid, client_id);
handler->master_callback(t_strdup_printf("FAIL\t%u", id),
master);
auth_request_unref(&request);
} else {
/* the request isn't being referenced anywhere anymore,
so we can do a bit of kludging.. replace the request's
old client_id with master's id. */
auth_request_set_state(request, AUTH_REQUEST_STATE_USERDB);
request->id = id;
request->master = master;
/* master and handler are referenced until userdb_callback i
s called. */
auth_master_connection_ref(master);
handler->refcount++;
auth_request_lookup_user(request, userdb_callback);
}
return TRUE;
}
